Elliptic Curve Cryptography Methods Debbie Roser Math\CS 4890



Similar documents
CSCE 465 Computer & Network Security

Efficient and Robust Secure Aggregation of Encrypted Data in Wireless Sensor Networks

CIS 5371 Cryptography. 8. Encryption --

CIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives

Secure Network Communication Part II II Public Key Cryptography. Public Key Cryptography

Overview of Public-Key Cryptography

Discrete Mathematics, Chapter 4: Number Theory and Cryptography

Elements of Applied Cryptography Public key encryption

Lecture 25: Pairing-Based Cryptography

Cryptography and Network Security: Summary

The Mathematics of the RSA Public-Key Cryptosystem

Forward Secrecy: How to Secure SSL from Attacks by Government Agencies

CPSC 467b: Cryptography and Computer Security

Principles of Public Key Cryptography. Applications of Public Key Cryptography. Security in Public Key Algorithms

Computer Security: Principles and Practice

Elliptic Curve Cryptography

Public Key (asymmetric) Cryptography

SFWR ENG 4C03 - Computer Networks & Computer Security

Signature Schemes. CSG 252 Fall Riccardo Pucella

Table of Contents. Bibliografische Informationen digitalisiert durch

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

A Factoring and Discrete Logarithm based Cryptosystem

CSC474/574 - Information Systems Security: Homework1 Solutions Sketch

Cryptography and Network Security Chapter 10

SECURITY IMPROVMENTS TO THE DIFFIE-HELLMAN SCHEMES

Public Key Cryptography. c Eli Biham - March 30, Public Key Cryptography

Cryptography and Network Security

Advanced Cryptography

Public Key Cryptography in Practice. c Eli Biham - May 3, Public Key Cryptography in Practice (13)

Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths

Public Key Cryptography: RSA and Lots of Number Theory

Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography

Number Theory. Proof. Suppose otherwise. Then there would be a finite number n of primes, which we may

Lecture 13 - Basic Number Theory.

Notes on Network Security Prof. Hemant K. Soni

CS 758: Cryptography / Network Security

Lecture 6 - Cryptography

Overview of Cryptographic Tools for Data Security. Murat Kantarcioglu

Identity-Based Encryption from the Weil Pairing

Encryption, Data Integrity, Digital Certificates, and SSL. Developed by. Jerry Scott. SSL Primer-1-1

Network Security. Computer Networking Lecture 08. March 19, HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23

Breaking The Code. Ryan Lowe. Ryan Lowe is currently a Ball State senior with a double major in Computer Science and Mathematics and

MATH 168: FINAL PROJECT Troels Eriksen. 1 Introduction

On the generation of elliptic curves with 16 rational torsion points by Pythagorean triples

CS Computer Security Third topic: Crypto Support Sys

Lecture Note 5 PUBLIC-KEY CRYPTOGRAPHY. Sourav Mukhopadhyay

Modeling and verification of security protocols

A new probabilistic public key algorithm based on elliptic logarithms

Public Key Cryptography and RSA. Review: Number Theory Basics

Primes in Sequences. Lee 1. By: Jae Young Lee. Project for MA 341 (Number Theory) Boston University Summer Term I 2009 Instructor: Kalin Kostadinov

CS 348: Computer Networks. - Security; 30 th - 31 st Oct Instructor: Sridhar Iyer IIT Bombay

YALE UNIVERSITY DEPARTMENT OF COMPUTER SCIENCE

A New Generic Digital Signature Algorithm

CUNSHENG DING HKUST, Hong Kong. Computer Security. Computer Security. Cunsheng DING, HKUST COMP4631

Public Key Cryptography. Performance Comparison and Benchmarking

A short primer on cryptography

ECE 842 Report Implementation of Elliptic Curve Cryptography

Public Key Cryptography Overview

The application of prime numbers to RSA encryption

Discrete logarithms within computer and network security Prof Bill Buchanan, Edinburgh Napier

Network Security. Security Attacks. Normal flow: Interruption: 孫 宏 民 Phone: 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室

Applied Cryptography Public Key Algorithms

Digital Signature. Raj Jain. Washington University in St. Louis

NEW HORIZON COLLEGE OF ENGINEERING, BANGALORE CLOUD COMPUTING ASSIGNMENT Explain any six benefits of Software as Service in Cloud computing?

Lecture 17: Re-encryption

Outline. CSc 466/566. Computer Security. 8 : Cryptography Digital Signatures. Digital Signatures. Digital Signatures... Christian Collberg

Network Security. Chapter 2 Basics 2.2 Public Key Cryptography. Public Key Cryptography. Public Key Cryptography

CRYPTOGRAPHY IN NETWORK SECURITY

IT Networks & Security CERT Luncheon Series: Cryptography

Mathematics of Internet Security. Keeping Eve The Eavesdropper Away From Your Credit Card Information

Lukasz Pater CMMS Administrator and Developer

EXAM questions for the course TTM Information Security May Part 1

An Introduction to the RSA Encryption Method

SECURITY IN NETWORKS

Digital Signatures. Prof. Zeph Grunschlag

An Efficient and Secure Key Management Scheme for Hierarchical Access Control Based on ECC

Shor s algorithm and secret sharing

Security in Distributed Systems. Network Security

1. The RSA algorithm In this chapter, we ll learn how the RSA algorithm works.

Basic Algorithms In Computer Algebra

Lecture 9: Application of Cryptography

QUANTUM COMPUTERS AND CRYPTOGRAPHY. Mark Zhandry Stanford University

Study of algorithms for factoring integers and computing discrete logarithms

Computer Networks. Network Security 1. Professor Richard Harris School of Engineering and Advanced Technology

New Efficient Searchable Encryption Schemes from Bilinear Pairings

Cryptography and Network Security Department of Computer Science and Engineering Indian Institute of Technology Kharagpur

TELE 301 Network Management. Lecture 18: Network Security

Efficient Unlinkable Secret Handshakes for Anonymous Communications

Module 8. Network Security. Version 2 CSE IIT, Kharagpur

A SOFTWARE COMPARISON OF RSA AND ECC

Cryptography and Network Security, PART IV: Reviews, Patches, and Theory 1 / 53

Cryptography Lecture 8. Digital signatures, hash functions

Final Exam. IT 4823 Information Security Administration. Rescheduling Final Exams. Kerberos. Idea. Ticket

Security Sensor Network. Biswajit panja

Guide to Data Field Encryption

RSA and Primality Testing

Cryptography and Network Security

Lecture 10: CPA Encryption, MACs, Hash Functions. 2 Recap of last lecture - PRGs for one time pads

Transcription:

Elliptic Curve Cryptography Methods Debbie Roser Math\CS 4890 Why are Elliptic Curves used in Cryptography? The answer to this question is the following: 1) Elliptic Curves provide security equivalent to classical systems (like RSA), but uses fewer bits. 2) Implementation of elliptic curves in cryptography requires smaller chip size, less power consumption, increase in speed, etc. Since Elliptic Curve Cryptography has been around for 20 years and is considered to be the best concept to us for encryption, then why are we still using RSA? This question will be answered shortly!! Types of Elliptic Curve Cryptography: 1) Diffie-Hellman Key Exchange Encryption 2) Massey-Omura Encryption Basic Terminology: o The message sent from person A to person B is called a plaintext. o In order to keep the eavesdropper, person C, from not reading the message, person A encrypts it to obtain the ciphertext. To complete this task, person A uses an encryption key to obtain the ciphertext. o When person B receives the ciphertext, he/she decrypts it and reads the message. Person B uses a decryption key to decrypt the message. o Two basic encryptions: 1) Symmetric Encryption: the encryption key and the decryption key are the same or one can be easily deducted form the other. (ie: Data Encryption Standards (DES), Advanced Encryption Standards (AES)) 2) Public Key Encryption: also known as asymmetric encryption. Person A and B have no prior contact. Person B provides a public encryption key, that person A uses to encrypt the message. He has a private decryption key for him to decrypt the ciphertext. (ie: RSA) Diffie-Hellman Key Exchange Encryption

Person A and Person B want to agree on a common key in order to exchange their message using symmetric encryption method. Assume that person A and person B have no prior contact and the only communication channels between them are public. Finding a private key, we use Diffie-Hellman Key Exchange, explained as the following: (using multiplicative groups over a finite field!) 1) Person A and Person B agree on an elliptic curve E over a finite field Fq such that the discrete logarithm problem is in E(Fq). They also agree on a point P contained in E(Fq) such that the subgroup generated by P has a large order (usually, the curve and point are chosen so that the order is a large prime number). 2) Person a chooses a secret number a, computes Pa = ap, and sends Pa to Person B. 3) Person B chooses a secret number b, computes Pb = bp, and send Pb to Person A. 4) Person A computes apb = abp. 5) Person B computes bpa = bap. 6) Person A and Person B use some publicly agreed on method to compute a key from abp. What information does our eavesdropper, Person C, know? The only information that Person C knows is the curve E, the finite field Fq, and the points P, ap, bp. In order for Person C to get the message that is being transmitted form Person A to Person B, he/she must compute abp when give P, ap, bp in E(Fq). This is possible if Person C can solve for discrete logs in E(Fq). Once this happens, he/she can use P and ap to find the value for a. Then, they can compute a(bp) to get abp. The only problem is that we don t know if there is some way to get abp without first solving for a discrete log problem. So, the next thing we must prove: Given P, ap, and bp in E(Fq), and given a point Q E(Fq) determine whether or not Q = abp. We are trying to verify that if a random person gives out information to Person C telling them about abp is the correct information given that we know P, ap, bp in our elliptic curve over the finite field! Steps to the proof: 1) Use the usual Weil pairing to decide whether or not Q is a multiple of P. β : E(Fq) E(Fq), (x, y) _ (ωx, y), β( ) =. Suppose P E(Fq) has order n. Then β(p) also has order n. Define the modified Weil pairing: en(p1, P2) = en(p1, β(p2)), where en is the usual Weil pairing and P1, P2 E[n]. We can use a useful lemma, that states Q is a multiple of P iff en(p,q) = 1.

2) Assume Q is a multiple of P. This implies Q=tP for some t. Which implies: en(ap, bp) = en(p,p)ab = en(p, abp ) and en(q, P) = en(p,p)t 3) Finally we can assume that 3 doesn t divide n. By our useful lemma, we know that en(p, abp ) is a primitive nth root of unity. Which implies: Q = abp t ab (mod n) en(ap, bp) = en(q, P) This solves the proof. Massey-Omura Encryption Person A want to send a message to Person B over a public channel Have not established a private key yet. One way they can do this is that Person A puts her message in a box and puts her lock on it. Then, he/she sends it to Person B, who put his own lock on the box and sends it back to Person A. Person A removes her lock form the box and sends it back to Person B. Finally, Person B removes his lock, opens the box, and reads the message. Here is a YouTube video that helps explains this concept. http://www.youtube.com/watch?v=jjricb_hvui In mathematic terms: 1) Person A and Person B both agree on an elliptic curve E over a finite field Fq such that the discrete log problem is in E(Fq). Let N = #E(Fq). 2) Person A represents his/her message as a point M E(Fq). 3) Person A then chooses a secrete number ma, where gcd(ma,n) = 1, find the value for M1 =mam and send M1 to Person B 4) Person B then chooses a secret number mb with gcd(mb,n) = 1, computes M2 =mbm1, and sends M2 to Person A. 5) Person A then computes m A ZN Then, he/she computes M3= m A M2, and sends M3 to Person B. 6) Person B then computes m B ZN Then he/she computes M4= m B M3. M4 is equal to the message M. Check: M4=M, the original message. We know the following:

We also know that is equal to 1(mod N), which implies equals 1+kN. The group E(Fq) has order N, therefore by the Lagrange theorem NR = for any R E(Fq). This implies the following: Technical Challenges for Elliptic Curve Cryptography Implementation 1) One will be working with a seven tuples elliptic curve parameter. 2) Parameter Set Selection includes fix point selection and random point selection. Fix point selection is basically an individual choose the elliptic curve, the field, and the subgroup of points. In a random point selection, a random generator does all of the above. 3) Needed level of security: as described above, in order to get the message being transmitted form Person A to Person B one must solve for the discrete logarithmic problem, which is extremely hard. 4) Interoperability. Key pairing for a sensor network on the same elliptic curve. 5) Performance. The use of algorithms in order to decrease over all running time for key calculation. However, this is hard given the large parameters of our elliptic curve seven tuple. Application Issue: Security level requirements not being achieved Not having the appropriate seven tuple elliptic curve parameter A poorly selection of an elliptic curve system Device Issue: A poor selection of field elements, points, and equivalent algorithms Side channel attacks Problem with scalar multiplication Source: Analytical study of implementation issues of Elliptical Curve Cryptography for Wireless Sensor networks by Pritam Gajkumar Shah, Xu Huang, Dharmendra Sharma. (see attached pdf.) Back to one of the main questions: Since Elliptic Curve Cryptography has been around for 20 years and is considered to be the best concept to us for encryption, then why are we still using RSA? Despite the many advantages of elliptic curves and despite the adoption of elliptic curves by many users, many vendors and academics view the intellectual

property environment surrounding elliptic curves as a major roadblock to their implementation and use. Various aspects of elliptic curve cryptography have been patented by a variety of people and companies around the world. http://www.nsa.gov/business/programs/elliptic_curve.shtml Since the 1985, when elliptic curve cryptography was developed, elliptic curve cryptography has been a big area of study for many academies. Its first year it had some problems, just like DES, RSA, and any other cryptography methods. The only difference is that elliptic curve cryptography has been at its full strength since it was developed. As we go further and further into the future, many companies are going to be using elliptic curve cryptography for security and many other aspects. Elliptic Curve Cryptography is making a slow transition into being a part normally used encryption methods. Sources: 1. Elliptic Curves, Number theory, and Cryptography 2 nd edition by Lawrence C. Washington 2. http://www.nsa.gov/business/programs/elliptic_curve.shtml

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information